Fixed response for bad username or password and content-type header

(closes #244)
This commit is contained in:
Dmitri Bogomolov 2018-10-26 14:45:37 +03:00
parent 726986c1eb
commit 06033ed96e
Signed by untrusted user: g1itch
GPG Key ID: 720A756F18DEED13

View File

@ -12,6 +12,7 @@ import base64
import ConfigParser import ConfigParser
import errno import errno
import hashlib import hashlib
import httplib
import json import json
import random # nosec import random # nosec
import socket import socket
@ -92,6 +93,7 @@ class singleAPI(StoppableThread):
errno.WSAEADDRINUSE = errno.EADDRINUSE errno.WSAEADDRINUSE = errno.EADDRINUSE
RPCServerBase = SimpleXMLRPCServer RPCServerBase = SimpleXMLRPCServer
ct = 'text/xml'
if BMConfigParser().safeGet( if BMConfigParser().safeGet(
'bitmessagesettings', 'apivariant') == 'json': 'bitmessagesettings', 'apivariant') == 'json':
try: try:
@ -100,11 +102,14 @@ class singleAPI(StoppableThread):
except ImportError: except ImportError:
logger.warning( logger.warning(
'jsonrpclib not available, failing back to XML-RPC') 'jsonrpclib not available, failing back to XML-RPC')
else:
ct = 'application/json-rpc'
# Nested class. FIXME not found a better solution. # Nested class. FIXME not found a better solution.
class StoppableRPCServer(RPCServerBase): class StoppableRPCServer(RPCServerBase):
"""A SimpleXMLRPCServer that honours state.shutdown""" """A SimpleXMLRPCServer that honours state.shutdown"""
allow_reuse_address = True allow_reuse_address = True
content_type = ct
def serve_forever(self, poll_interval=None): def serve_forever(self, poll_interval=None):
"""Start the RPCServer""" """Start the RPCServer"""
@ -237,11 +242,11 @@ class BMXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
validuser = self.APIAuthenticateClient() validuser = self.APIAuthenticateClient()
if not validuser: if not validuser:
time.sleep(2) time.sleep(2)
# ProtocolError? self.send_response(httplib.UNAUTHORIZED)
response = ( self.end_headers()
"RPC Username or password incorrect or HTTP header" return
" lacks authentication at all." # "RPC Username or password incorrect or HTTP header"
) # " lacks authentication at all."
else: else:
# In previous versions of SimpleXMLRPCServer, _dispatch # In previous versions of SimpleXMLRPCServer, _dispatch
# could be overridden in this class, instead of in # could be overridden in this class, instead of in
@ -259,7 +264,7 @@ class BMXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
else: else:
# got a valid XML RPC response # got a valid XML RPC response
self.send_response(200) self.send_response(200)
self.send_header("Content-type", "text/xml") self.send_header("Content-type", self.server.content_type)
self.send_header("Content-length", str(len(response))) self.send_header("Content-length", str(len(response)))
# HACK :start -> sends cookies here # HACK :start -> sends cookies here